Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS).
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
03 Mar 2023, 19:02
Type | Values Removed | Values Added |
---|---|---|
References | (SECTRACK) http://www.securitytracker.com/id/1040970 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2018-05-23 18:29
Updated : 2024-02-04 19:46
NVD link : CVE-2018-6495
Mitre link : CVE-2018-6495
CVE.ORG link : CVE-2018-6495
JSON object : View
Products Affected
microfocus
- universal_cmdb_browser
- universal_cmdb
- cms_server
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')